projects / gpl / argeo-suite.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 23cb953)
Lead pane authorization more generic
authorMathieu Baudier <mbaudier@argeo.org>
Fri, 30 Sep 2022 11:43:27 +0000 (13:43 +0200)
committerMathieu Baudier <mbaudier@argeo.org>
Fri, 30 Sep 2022 11:43:27 +0000 (13:43 +0200)
org.argeo.app.ui/src/org/argeo/app/ui/DefaultLeadPane.java patch | blob | history

diff --git a/org.argeo.app.ui/src/org/argeo/app/ui/DefaultLeadPane.java b/org.argeo.app.ui/src/org/argeo/app/ui/DefaultLeadPane.java
index 44d43f657b4206a0b65c69a1d0b5d1fd806f8d99..7b7a0319991f4fff4abb00037f2e19127509a29b 100644 (file)
--- a/org.argeo.app.ui/src/org/argeo/app/ui/DefaultLeadPane.java
+++ b/org.argeo.app.ui/src/org/argeo/app/ui/DefaultLeadPane.java
@@ -43,7 +43,7 @@ public class DefaultLeadPane implements CmsUiProvider {
        private ClassLoader l10nClassLoader;
 
        @Override
-       public Control createUiPart(Composite parent, Content node)  {
+       public Control createUiPart(Composite parent, Content node) {
                CmsView cmsView = CmsSwtUtils.getCmsView(parent);
                parent.setLayout(CmsSwtUtils.noSpaceGridLayout());
                Composite appLayersC = new Composite(parent, SWT.NONE);
@@ -72,7 +72,7 @@ public class DefaultLeadPane implements CmsUiProvider {
                }
 
 //             boolean isAdmin = cmsView.doAs(() -> CurrentUser.isInRole(NodeConstants.ROLE_USER_ADMIN));
-               Set<String> userRoles = cmsView.doAs(() -> CurrentUser.roles());
+               // Set<String> userRoles = cmsView.doAs(() -> CurrentUser.roles());
                Button first = null;
                layers: for (String layerDef : defaultLayers) {
                        layerDef = layerDef.trim();
@@ -83,10 +83,21 @@ public class DefaultLeadPane implements CmsUiProvider {
                        Set<String> layerRoles = SuiteUtils.extractRoles(semiColArr);
                        if (layers.containsKey(layerId)) {
                                if (!layerRoles.isEmpty()) {
-                                       Set<String> intersection = new HashSet<String>(layerRoles);
-                                       intersection.retainAll(userRoles);
-                                       if (intersection.isEmpty())
+                                       boolean authorized = false;
+                                       authorized = cmsView.doAs(() -> {
+                                               for (String layerRole : layerRoles) {
+                                                       if (CurrentUser.implies(layerRole, null)) {
+                                                               return true;
+                                                       }
+                                               }
+                                               return false;
+                                       });
+                                       if (!authorized)
                                                continue layers;// skip unauthorized layer
+//                                     Set<String> intersection = new HashSet<String>(layerRoles);
+//                                     intersection.retainAll(userRoles);
+//                                     if (intersection.isEmpty())
+//                                             continue layers;// skip unauthorized layer
                                }
                                RankedObject<SuiteLayer> layerObj = layers.get(layerId);
 
Argeo Suite - Productivity Applications